Everything is under control: we protect corporate conversations. Part 2: Secure Telephone
As part of the continuation of the Tottoli GSM project description “ Everything is under control: we protect corporate conversations ”, we decided to describe the client part, since it caused the greatest interest. Under the terms of the project, it was necessary to ensure maximum security of employee communications, even if they were located outside the local network.
We refused to consider the use of cryptophones for the following reasons:
In our opinion, the most effective solution was the use of a telephone set with modified firmware. And in conjunction with our SIM-card, we received a self-contained solution.
Advantages of this choice:
The most effective tasks were able to solve the mobile phone Samsung C6112 .
The Samsung C6112 mobile phone is designed to protect conversations from control by GSM operators, and it also protects conversations from being intercepted by both active and semi-active catcher complexes. The device supports 2 SIM cards. All functions work on both SIM-cards and have independent settings.
The telephone support of two SIM-cards allows the subscriber to identify the activity of the interception complex in two communication operators at once.
')
IMEI - IMEI changes automatically, which makes it possible to be protected from control of negotiations through the GSM operator;
LAC Tracking - creating a profile in a specific place so that the interception complex could not capture the subscriber’s equipment;
Weak A5 - warning about lowering the cryptographic protection relative to A5.1
Call Ping - detects silent calls;
SMS Ping - detects all types of hidden SMS, and also prohibits all types of SMS-messages that may harm the mobile phone;
Channels Lock - the phone works through remote base stations
Alerts - select the type of notification of different events;
Show TIMSI - demonstration of TIMSI on the device display;
Clear Call Log - deletes all records of the calls made from the device;
One Channel - detects the presence of one channel in the mobile network and displays the number of this channel;
Fake SMS - identifying SMS sent with number spoofing
Check C2 - detection of active interception complexes and catchers on C2 by scanning
base stations
Recording - automatically records conversations;
Reset Settings - resets settings to recommended ones;
Information - displays the software version (software).
When the phone detects any of the specified events, an acoustic and / or vibrating signal is heard (in accordance with the device settings), and the display shows what was detected and for which of the two SIM cards the event occurred. . In addition, the detected event is recorded in the file log.txt.
There are no demasking signs on the phone that could indicate the presence of special functions in it. If you dial the standard number combination * # 06 # then the screen will display the native IMEI, the same as on the sticker under the battery. And IMEI, which was actually sent to the operator, you can look at a completely different combination of numbers. In a special menu with the settings of additional functions, you can enter only by typing a special combination of numbers and password.
This is done purposefully to make it impossible to understand that this is not an ordinary device. For those who want to organize control over the subscriber with such a phone, such knowledge is already a serious help. The only thing that outwardly produces such a phone is an icon on the screen, intended for visual tracking of the signal coding level.
More details on the device’s functionality can be found here: pro3gsm.com/vse-pod-kontrolem
Everything is under control: we protect corporate conversations. Part 1.
Everything is under control: we protect corporate conversations. Part 3: Secure SIM Card
We refused to consider the use of cryptophones for the following reasons:
- You can use a cryptophone only with a subscriber who uses the same device. The subscriber will not be able to use secure mode to negotiate with any contact.
- For comfortable communication, you need a stable data channel WI-FI, in extreme cases, 3G.
- Given the fact that the subscriber identifiers in the network remain unchanged (IMEI / IMSI), this allows third parties to determine the circle of communication, location and make MITM attacks.
- We also did not consider speech masquerators (substitution or distortion of voice), because they create only the appearance of protection if they are used without technical additions.
In our opinion, the most effective solution was the use of a telephone set with modified firmware. And in conjunction with our SIM-card, we received a self-contained solution.
Advantages of this choice:
- You can not purposefully listen to a mobile phone, because the subscriber IDs in the network change.
- Unable to establish a social circle.
- Calls do not require internet.
The most effective tasks were able to solve the mobile phone Samsung C6112 .
The Samsung C6112 mobile phone is designed to protect conversations from control by GSM operators, and it also protects conversations from being intercepted by both active and semi-active catcher complexes. The device supports 2 SIM cards. All functions work on both SIM-cards and have independent settings.
The telephone support of two SIM-cards allows the subscriber to identify the activity of the interception complex in two communication operators at once.
The Samsung C6112 phone has the following functionality:
')
IMEI - IMEI changes automatically, which makes it possible to be protected from control of negotiations through the GSM operator;
LAC Tracking - creating a profile in a specific place so that the interception complex could not capture the subscriber’s equipment;
Weak A5 - warning about lowering the cryptographic protection relative to A5.1
Call Ping - detects silent calls;
SMS Ping - detects all types of hidden SMS, and also prohibits all types of SMS-messages that may harm the mobile phone;
Channels Lock - the phone works through remote base stations
Alerts - select the type of notification of different events;
Show TIMSI - demonstration of TIMSI on the device display;
Clear Call Log - deletes all records of the calls made from the device;
One Channel - detects the presence of one channel in the mobile network and displays the number of this channel;
Fake SMS - identifying SMS sent with number spoofing
Check C2 - detection of active interception complexes and catchers on C2 by scanning
base stations
Recording - automatically records conversations;
Reset Settings - resets settings to recommended ones;
Information - displays the software version (software).
When the phone detects any of the specified events, an acoustic and / or vibrating signal is heard (in accordance with the device settings), and the display shows what was detected and for which of the two SIM cards the event occurred. . In addition, the detected event is recorded in the file log.txt.
There are no demasking signs on the phone that could indicate the presence of special functions in it. If you dial the standard number combination * # 06 # then the screen will display the native IMEI, the same as on the sticker under the battery. And IMEI, which was actually sent to the operator, you can look at a completely different combination of numbers. In a special menu with the settings of additional functions, you can enter only by typing a special combination of numbers and password.
This is done purposefully to make it impossible to understand that this is not an ordinary device. For those who want to organize control over the subscriber with such a phone, such knowledge is already a serious help. The only thing that outwardly produces such a phone is an icon on the screen, intended for visual tracking of the signal coding level.
More details on the device’s functionality can be found here: pro3gsm.com/vse-pod-kontrolem
Read more:
Everything is under control: we protect corporate conversations. Part 1.
Everything is under control: we protect corporate conversations. Part 3: Secure SIM Card
Source: https://habr.com/ru/post/306370/
All Articles